Allow loading environment variables from files

2024-05-16 00:13:14 +02:00 · 2024-05-16 00:13:14 +02:00 · 338f9963f0
parent c9d703464a
commit 338f9963f0
1 changed files with 20 additions and 1 deletions
--- a/lib/modules/rclone.nix
+++ b/lib/modules/rclone.nix
@ -46,10 +46,16 @@ let
          default = { };
        };

+        secrets = lib.mkOption {
+          type = lib.types.attrsOf (lib.types.either lib.types.path lib.types.str);
+          description = "A set of environment variables to load from files.";
+          default = { };
+        };
+
        secretsScript = lib.mkOption {
          type = lib.types.lines;
          description = "A script for loading secrets before launching the sync.";
-          default = [];
+          default = "";
        };

        config = lib.mkOption {
@ -58,6 +64,15 @@ let
          visible = false;
        };
      };
+
+      config = {
+        secretsScript = builtins.concatStringsSep
+          "\n"
+          (builtins.attrValues (
+            builtins.mapAttrs
+              (name: path: "${name}=\"$(cat ${lib.escapeShellArg path})\"")
+              config.secrets));
+      };
    });

  mkWebdavProvider = (
@ -108,6 +123,10 @@ let
            (mkIfNotNull config.username { user = config.username; })
            (mkIfNotNull config.obscuredPassword { pass = config.obscuredPassword; })
          ];
+
+          secrets = lib.optionalAttrs (config.obscuredPasswordFile != null) {
+            RCLONE_WEBDAV_PASS = config.obscuredPasswordFile;
+          };
        };
      }));